Re: A method to enable secure non-HTTP protocols

Re: A method to enable secure non-HTTP protocols

am 26.07.2004 18:18:08 von Daniel Lopez

Nice :)

Apache 2 protocol modules should allow you to do this without having to
patch the server (using filters), as in Apache 2 HTTP is just another
protocol module that can be inserted or removed.
In Apache 2 mod_ssl itself is implemented as a filter

On Mon, Jul 26, 2004 at 06:22:55PM +0200, Pablo Royo Moreno wrote:
>=20
>=20
> For some years, we have been in my company running a secure non-http fi=
le transfer system. Nowadays, with more and more system administrators al=
lowing secure incoming connections only trough 443 port , that system do=
esn=B4t work, because it does not speak HTTP and 443 port is usually alre=
ady used by web servers, so we cant use it for our systems.
> So there is no solution, if system admin does not open another port, ex=
cept to use 443 port.
>=20
> Now we have made a mod_ssl patch to allow non-HTTP secure incoming conn=
ections to be deciphered and forwarded to a selected server, configured i=
n conf file, while also serving HTTP in the usual way. I=B4m not sure if =
this can be done in any other way with Apache modules, but it works and i=
ts all i need.
>=20
> The patch is in
>=20
> http://spipe.sourceforge.net
>=20
> If you see documentation, you will see there are some other interestin=
g (I think) use cases to create secure "pipes" from one web server to ano=
ther.
>=20
> Hope it will be of help to someone in the same situation. If not, just =
consider it a more or less summer academic experiment.
>=20
> Thank you
>=20
> ____________________________________________________________ __________
> Apache Interface to OpenSSL (mod_ssl) www.modssl.org
> User Support Mailing List modssl-users@modssl.org
> Automated List Manager majordomo@modssl.org
____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org

A method to enable secure non-HTTP protocols

am 26.07.2004 18:22:55 von Pablo Royo Moreno

For some years, we have been in my company running a secure non-http file t=
ransfer system. Nowadays, with more and more system administrators allowing=
secure incoming connections only trough 443 port , that system doesn=B4t =
work, because it does not speak HTTP and 443 port is usually already used b=
y web servers, so we cant use it for our systems.
So there is no solution, if system admin does not open another port, except=
to use 443 port.

Now we have made a mod_ssl patch to allow non-HTTP secure incoming connecti=
ons to be deciphered and forwarded to a selected server, configured in conf=
file, while also serving HTTP in the usual way. I=B4m not sure if this can=
be done in any other way with Apache modules, but it works and its all i n=
eed.

The patch is in

http://spipe.sourceforge.net

If you see documentation, you will see there are some other interesting (I=
think) use cases to create secure "pipes" from one web server to another.

Hope it will be of help to someone in the same situation. If not, just cons=
ider it a more or less summer academic experiment.

Thank you

____________________________________________________________ __________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org